Blog

When is ethical hacking appropriate?

I was recently asked by Kaitlin Milliken of the Worcester Telegram to comment on the growing field of ethical hacking and how it fits in with an organization’s cyber security program. Here’s an excerpt from her article:

Companies across the country — including Sudbury-based SystemExperts Corp. […]

By |July 17th, 2017|Blog|Comments Off on When is ethical hacking appropriate?

The Best IT Security Policies Reflect the Value of Simplicity

90 percent of what we do to help people get better security is focusing on straightforward common sense and having consistent policies and procedures.

To be good at what we do, we always work to make things as simple as possible for our customers because we recognize human behavior, and it is so much easier to remember and do simple […]

By |July 17th, 2017|Blog, Security Breach|Comments Off on The Best IT Security Policies Reflect the Value of Simplicity

What Comes First, the 27001 or the 27002 ISO Standards?

There is something quirky about the 27000 series of standards published by the International Organization for Standardization (ISO).

Perhaps it is presented deliberately this way as a lesson in due diligence. Perhaps it is just a random error. But the standards are in the wrong numerical order. Judging from our interactions with company IT organizations, this […]

By |June 8th, 2017|Blog, ISO 27002|Comments Off on What Comes First, the 27001 or the 27002 ISO Standards?

Tips to Protect Against Ransomware

Following the WannaCry outbreak, we were reading about another attack, called Adylkuzz. Both cyberthreats rely on a Windows bug that was patched on March 14 and only affect PCs that haven’t installed the latest version of Microsoft’s software updates.

In light of this news, I thought it would be timely to talk about some common sense recommendations […]

By |May 22nd, 2017|Blog, Security Breach|Comments Off on Tips to Protect Against Ransomware

Disaster Recovery & Cybersecurity

I’d like to share answers to questions recently asked about disaster recovery.

1. What advice would you give to tie cybersecurity protection and IT disaster recovery together for business continuity?

There are a number of activities performed by the IT operational group within an organization that deal with Disaster Recovery. They include performing data backups, using primary/backup datacenters, and […]

By |May 9th, 2017|Blog, Security Breach|Comments Off on Disaster Recovery & Cybersecurity

Tips to Prevent Online Identity Theft

There are few new trends in online identity theft. Although some attacks are becoming more sophisticated, the basic steps to prevent exploits remain the same.

Be on the lookout for attacks that use broken English in the message body. While most now use proper English and use the same style and logos that are used by […]

By |April 24th, 2017|Blog, Security Breach|Comments Off on Tips to Prevent Online Identity Theft

Network Access Control (NAC)

Controlling access to the network is a fundamental security control. For shared networks, the capability of users to connect to the network should be restricted. Well-known security frameworks such as ISO 27002 (Information technology – Security techniques – Code of practice for information security management) include this control as a recommendation. And the […]

By |April 11th, 2017|Blog, ISO 27002, Uncategorized|Comments Off on Network Access Control (NAC)

Some Basic but Effective Advice for Secure Online Transactions

Just about everybody shops online these days. Even so, many people worry about security issues and fraud. I was recently asked if I could share some high-level tips and best practices for online transactions. Here is what I recommend:

  1. Try to consolidate all online purchases onto a single credit or debit card. That way, you […]

By |March 10th, 2017|Blog|Comments Off on Some Basic but Effective Advice for Secure Online Transactions

How Big an Issue is Security; How can it be Addressed?

Other than the technology itself of an IoT device and the service it provides, the single most important characteristic that will define either success or failure, no matter what the size of the business, will be the security of that device.

The IoT is only in its infancy and yet there have already been an alarming […]

By |March 6th, 2017|Blog, Security Breach|Comments Off on How Big an Issue is Security; How can it be Addressed?

Impact of a Data Breach on a Small Business

While our main focus is as a provider of IT compliance and security consulting services, we have been called in to help a few small businesses handle security incidents and data breaches. These calls come to us after the client has discovered there’s been a security incident or data breach and as a result is seeking to […]

By |February 20th, 2017|Blog, Security Breach|Comments Off on Impact of a Data Breach on a Small Business

Importance of Following IT Security Policies

Just as in the 1980s when manufacturing companies recognized that quality was an attribute that had to be baked into every facet of an organization (from design, production, delivery, and through product lifecycle), not inspected in at the end of the process, effective cyber security depends on every employee playing a part in keeping the enterprise secure.

The most sophisticated and […]

By |February 6th, 2017|Blog|Comments Off on Importance of Following IT Security Policies

IoT Security Nightmares

At the same time that consumers and manufacturers are getting excited about the potential opportunities, capabilities, and revenue that the Internet of Things (IoT) enhanced devices can offer, many are already starting to understand the frightening lack of essential security functionality and the potentially overwhelming opportunities for exploitation.

The IoT is only in its infancy and […]

By |January 23rd, 2017|Blog|Comments Off on IoT Security Nightmares

Why it is Important for Companies to Invest in Cybersecurity Awareness Training

Technology is only as effective as the people that operate it.

Cybersecurity awareness training is the most cost-effective investment any organization can make in preventing data breaches, system compromise, reputational damage, and loss of intellectual property.

No one is born knowing how to use computers and networks securely. There are basic dos and don’ts […]

By |January 17th, 2017|Blog, Security Breach|Comments Off on Why it is Important for Companies to Invest in Cybersecurity Awareness Training

How are Hackers Tricking Social Media Users?

One of the most popular exploitation methods used by hackers when targeting social media users is social engineering. Using confidence tricks, a hacker can manipulate his target into performing actions or disclosing confidential information. If pulled off successfully, a social engineering attack could result in a hacker gaining complete access to his target’s social media account with little effort.

One […]

By |December 20th, 2016|Blog|Comments Off on How are Hackers Tricking Social Media Users?

What Exactly Does the Future of IoT Security Hold?

Picking up on the conversation from my previous post, the Internet of Things continues to pose challenges for many manufacturers as they now have to think about network security for new versions of their products.

One of the worries about the future of the Internet of Things (IoT) is that many of the manufacturers that are […]

By |December 12th, 2016|Blog, Security Breach|Comments Off on What Exactly Does the Future of IoT Security Hold?